Security Policy
SEG-P-001 Information Security Policy
Introduction
Voxel’s Security Policy will ensure the security of information in all its business processes, being applicable in all phases of the life cycle of information and documents: generation, distribution, storage, processing, transport, consultation and destruction, as well as the systems that support them: analysis, design, development, implementation, operation and maintenance. ‘
Voxel will adopt actions aimed at preserving at all times the three basic dimensions of information security:
✓ Confidentiality: ensuring that data and systems are only accessed by duly authorized persons.
✓ Integrity: Ensuring the accuracy of the information and systems against alteration, loss or destruction, whether accidental or fraudulent.
✓ Availability: Ensure that information and systems can be used as and when required.
Security Policy
This policy is mandatory for all Voxel employees and collaborators (external persons and consultants).
In order to comply with the basic principles, Voxel’s Management is committed to support the management of information security through the establishment of guidelines by the Management, which guarantee:
The commitment and promotion of continuous improvement of the information security management system.
Accept as strategic assets of the company, the information and the systems that support it, expressing its determination to achieve the necessary security levels that certify its protection in a profitable way, ensuring security and controlled access to information, and thus improve the quality of services offered by the company to its customers.
Implement relevant controls to ensure the processing of information in the operations and appropriate security measures in the networks through which the information is transmitted.
Raise awareness among users so that Voxel’s Information Security policy has the maximum impact within the organization, developing short, medium and long term goals and incorporating specific motivation and training techniques, being necessary to make this policy available to all recipients in a way that is appropriate, understandable and accessible.
Adopt the Information Security policy as the main tool for guaranteeing information security and business objectives, promoting and ensuring compliance with it for all Voxel employees and collaborators. Likewise, regulations, standards and administrative or operational procedures with a more limited scope will be defined within the ISMS.
Establish contractual relationships with suppliers and partners with appropriate security requirements. Security incidents will be managed quickly, effectively and appropriately to minimize their impact.
Establish defined roles and responsibilities for the proper management of the Information Security Management System.
Identify and act on current and potential risks and threats regarding Information Security on Voxel.
Compliance with legal, regulatory or contractual requirements related to information security and applicable to Voxel.
To provide the material, economic and human resources necessary to carry out the tasks related to Information Security.
SECURITY REGULATIONS
SEG-P-001 Information Security Policy
Code: SEG-P-001 | Date: Version: 01